From 5ad6c3693ee2d1b88d114f75ba346b3e278ce58b Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Tue, 10 Nov 2020 17:14:34 +0530 Subject: [PATCH 1/8] refresh token through iframe --- src/connector-wrapper.js | 26 ++++++++--------- web-assets/js/setupAuth0WithRedirect.js | 37 +++++++++++++++++++------ 2 files changed, 41 insertions(+), 22 deletions(-) diff --git a/src/connector-wrapper.js b/src/connector-wrapper.js index c25b26e..9d24532 100644 --- a/src/connector-wrapper.js +++ b/src/connector-wrapper.js @@ -36,26 +36,26 @@ const proxyCall = function() { } function request() { - /*return new Promise( (resolve, reject) => { + return new Promise((resolve, reject) => { function receiveMessage(e) { - const safeFormat = e.data.type === SUCCESS || e.data.type === FAILURE - if (safeFormat) { - window.removeEventListener('message', receiveMessage) - if (e.data.type === SUCCESS) resolve(e.data) - if (e.data.type === FAILURE) reject(e.error) + const safeFormat = e.data.type === "SUCCESS" || e.data.type === "FAILURE" + if (safeFormat) { + window.removeEventListener('message', receiveMessage) + if (e.data.type === "SUCCESS") { + const token = getToken('v3jwt') + token ? resolve({ token: token }) : reject("v3jwt cookie not found") + } else { + reject("unable to refesh token") } + } } - + window.addEventListener('message', receiveMessage) - const payload = Object.assign({}, { type: REQUEST }, params) + const payload = { type: "REFRESH_TOKEN" } iframe.contentWindow.postMessage(payload, url) - }) */ - return new Promise((resolve, reject) => { - const token = getToken('v3jwt') - token ? resolve({ token: token }) : reject("v3jwt cookie not found") - }) + }) } if (loading) { diff --git a/web-assets/js/setupAuth0WithRedirect.js b/web-assets/js/setupAuth0WithRedirect.js index c82235d..c6b8d4b 100644 --- a/web-assets/js/setupAuth0WithRedirect.js +++ b/web-assets/js/setupAuth0WithRedirect.js 
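Review bot: The `message` listener added in `request()` settles the promise on a `SUCCESS` or `FAILURE` message from any window, because it never compares `e.source` or `e.origin` with the connector iframe. Start the handler with `if (e.source !== iframe.contentWindow || e.origin !== new URL(url).origin) return` (this assumes `url` is the absolute connector URL). `e.data.type` also throws when another script posts `null`, so read it as `e.data && e.data.type`. There is no timeout, so a connector that never replies leaves the caller pending and the listener attached. `proxyCall` starts and ends outside the hunk.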
@@ -90,8 +90,8 @@ const authSetup = function () { } else if (!isLoggedIn() && returnAppUrl) { login(); } else if (qs['error'] && qs['state']) { - logger("Error in executing callback(): ", qs['error_description']); - showLoginError(qs['error_description'], appUrl); + logger("Error in executing callback(): ", qs['error_description']); + showLoginError(qs['error_description'], appUrl); } else { logger("User already logged in", true); postLogin(); @@ -410,17 +410,36 @@ const authSetup = function () { } /** - * will receive message from iframe - */ + * will receive message from iframe + */ function receiveMessage(e) { logger("received Event:", e); - if (e.data && e.data.type && e.origin) { - if (e.data.type === IframeLogoutRequestType) { - host = e.origin; - logout(); - } + const failed = { + type: "FAILURE" + }; + const success = { + type: "SUCCESS" + }; + if (e.type === "REFRESH_TOKEN") { + auth0.isAuthenticated().then(function (isAuthenticated) { + auth0.getTokenSilently().then(function (token) { + storeToken(); + informIt(success, e); + }).catch(function (err) { + logger("receiveMessage: Error in refreshing through ifram token: ", err) + informIt(failed, e); + }); + }).catch(function (err) { + logger("receiveMessage: Error occured in checkng authentication", err); + informIt(failed, e); + }); + } else { + informIt(failed, e); } + } + function informIt(data, e) { + e.source.postMessage(data, e.origin); } function changeWindowMessage() { From 7a89b9884b0caf4f128525a0d73797237bc977d2 Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Tue, 10 Nov 2020 17:54:26 +0530 Subject: [PATCH 2/8] typo --- src/connector-wrapper.js | 8 +++++--- web-assets/js/setupAuth0WithRedirect.js | 2 +- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/src/connector-wrapper.js b/src/connector-wrapper.js index 9d24532..5aa06a7 100644 --- a/src/connector-wrapper.js +++ b/src/connector-wrapper.js 
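Review bot: In the `@@ -410,17 +410,36 @@` hunk, `receiveMessage` starts a silent token refresh for whichever window sends `REFRESH_TOKEN`, and `informIt` replies to `e.origin` exactly as received, so nothing here restricts which parent origins may use the connector. Unless framing is restricted elsewhere, an unrelated page that embeds this document can trigger refreshes and read the `SUCCESS`/`FAILURE` reply as a signed-in indicator. Compare `e.origin` with the configured application origins before doing any work and ignore everything else without replying. The final `else { informIt(failed, e); }` also answers unrelated messages and throws when `e.source` is `null`. Patches 3/8, 6/8 and 8/8 rewrite this handler without adding an origin check.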
@@ -38,18 +38,20 @@ const proxyCall = function() { function request() { return new Promise((resolve, reject) => { function receiveMessage(e) { + console.log("Received at auth-lib:", e) const safeFormat = e.data.type === "SUCCESS" || e.data.type === "FAILURE" if (safeFormat) { window.removeEventListener('message', receiveMessage) if (e.data.type === "SUCCESS") { const token = getToken('v3jwt') token ? resolve({ token: token }) : reject("v3jwt cookie not found") - } else { - reject("unable to refesh token") + } + if (e.data.type === "FAILURE") { + reject("unable to get refesh token") } } } - + window.addEventListener('message', receiveMessage) const payload = { type: "REFRESH_TOKEN" } diff --git a/web-assets/js/setupAuth0WithRedirect.js b/web-assets/js/setupAuth0WithRedirect.js index c6b8d4b..a104e3a 100644 --- a/web-assets/js/setupAuth0WithRedirect.js +++ b/web-assets/js/setupAuth0WithRedirect.js @@ -420,7 +420,7 @@ const authSetup = function () { const success = { type: "SUCCESS" }; - if (e.type === "REFRESH_TOKEN") { + if (e.data.type === "REFRESH_TOKEN") { auth0.isAuthenticated().then(function (isAuthenticated) { auth0.getTokenSilently().then(function (token) { storeToken(); From d8e74f9d1fdaf2006a3795ba6894f684f3699b81 Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Tue, 10 Nov 2020 19:07:31 +0530 Subject: [PATCH 3/8] logic changes --- src/connector-wrapper.js | 42 ++++++++++++++----------- web-assets/js/setupAuth0WithRedirect.js | 26 ++++++++++----- 2 files changed, 42 insertions(+), 26 deletions(-) diff --git a/src/connector-wrapper.js b/src/connector-wrapper.js index 5aa06a7..a042fc3 100644 --- a/src/connector-wrapper.js +++ b/src/connector-wrapper.js @@ -1,5 +1,5 @@ const {createFrame} = require('./iframe') -const {getToken} = require ('./token') +const {getToken, isTokenExpired} = require ('./token') let iframe = null let loading = null 
@@ -36,28 +36,34 @@ const proxyCall = function() { } function request() { - return new Promise((resolve, reject) => { - function receiveMessage(e) { - console.log("Received at auth-lib:", e) - const safeFormat = e.data.type === "SUCCESS" || e.data.type === "FAILURE" - if (safeFormat) { - window.removeEventListener('message', receiveMessage) - if (e.data.type === "SUCCESS") { - const token = getToken('v3jwt') - token ? resolve({ token: token }) : reject("v3jwt cookie not found") - } - if (e.data.type === "FAILURE") { - reject("unable to get refesh token") + const token = getToken('v3jwt') + if (token && !isTokenExpired(token, 65)) { + return new Promise((resolve, reject) => { + token ? resolve({ token: token }) : reject("v3jwt cookie not found") + }) + } else { + return new Promise((resolve, reject) => { + function receiveMessage(e) { + console.log("Received at auth-lib:", e) + const safeFormat = e.data.type === "SUCCESS" || e.data.type === "FAILURE" + if (safeFormat) { + window.removeEventListener('message', receiveMessage) + if (e.data.type === "SUCCESS") { + token ? resolve({ token: token }) : reject("v3jwt cookie not found") + } + if (e.data.type === "FAILURE") { + reject("unable to get refesh token") + } } } - } - window.addEventListener('message', receiveMessage) + window.addEventListener('message', receiveMessage) - const payload = { type: "REFRESH_TOKEN" } + const payload = { type: "REFRESH_TOKEN" } - iframe.contentWindow.postMessage(payload, url) - }) + iframe.contentWindow.postMessage(payload, url) + }) + } } if (loading) { diff --git a/web-assets/js/setupAuth0WithRedirect.js b/web-assets/js/setupAuth0WithRedirect.js index a104e3a..186293e 100644 --- a/web-assets/js/setupAuth0WithRedirect.js +++ b/web-assets/js/setupAuth0WithRedirect.js 
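Review bot: In the refresh branch of `request()`, the `SUCCESS` handler resolves with `token`, which was read from the cookie before the refresh was requested, so the caller receives the expired value, or a `"v3jwt cookie not found"` rejection when the cookie was missing at call time. Re-read the cookie once the iframe reports success: `const fresh = getToken('v3jwt')` followed by `fresh ? resolve({ token: fresh }) : reject("v3jwt cookie not found")`. In the first branch the ternary can never reach `reject`, because `token` is already known to be truthy there; `return Promise.resolve({ token: token })` states the same thing directly. `proxyCall` continues outside the hunk.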
@@ -421,18 +421,28 @@ const authSetup = function () { type: "SUCCESS" }; if (e.data.type === "REFRESH_TOKEN") { - auth0.isAuthenticated().then(function (isAuthenticated) { - auth0.getTokenSilently().then(function (token) { - storeToken(); - informIt(success, e); + const token = getCookie(v3JWTCookie); + if (token && !isTokenExpired(token, 65)) { + informIt(success, e); + } else if (auth0) { + logger("inside auth0 block", "ok"); + auth0.isAuthenticated().then(function (isAuthenticated) { + logger("inside auth0 block isAuthenticated", isAuthenticated); + auth0.getTokenSilently().then(function (token) { + logger("inside auth0 block getTokenSilently", token); + storeToken(); + informIt(success, e); + }).catch(function (err) { + logger("receiveMessage: Error in refreshing through ifram token: ", err) + informIt(failed, e); + }); }).catch(function (err) { - logger("receiveMessage: Error in refreshing through ifram token: ", err) + logger("receiveMessage: Error occured in checkng authentication", err); informIt(failed, e); }); - }).catch(function (err) { - logger("receiveMessage: Error occured in checkng authentication", err); + } else { informIt(failed, e); - }); + } } else { informIt(failed, e); } From f0fcda897af59c39d0beb63f330833c8bcb82012 Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Tue, 10 Nov 2020 20:29:00 +0530 Subject: [PATCH 4/8] correcting logic --- web-assets/js/setupAuth0WithRedirect.js | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/web-assets/js/setupAuth0WithRedirect.js b/web-assets/js/setupAuth0WithRedirect.js index 186293e..73fe3bc 100644 --- a/web-assets/js/setupAuth0WithRedirect.js +++ b/web-assets/js/setupAuth0WithRedirect.js 
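Review bot: `logger("inside auth0 block getTokenSilently", token)` passes the token returned by `getTokenSilently()` to the logger, so the credential ends up wherever `logger` writes (its sink is not visible here). Log the outcome rather than the value, for example `logger("getTokenSilently succeeded", true)`. The three `inside auth0 block` lines read like debugging output and could be dropped before merge. `receiveMessage` starts and ends outside the hunk.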
@@ -428,14 +428,18 @@ const authSetup = function () { logger("inside auth0 block", "ok"); auth0.isAuthenticated().then(function (isAuthenticated) { logger("inside auth0 block isAuthenticated", isAuthenticated); - auth0.getTokenSilently().then(function (token) { - logger("inside auth0 block getTokenSilently", token); - storeToken(); - informIt(success, e); - }).catch(function (err) { - logger("receiveMessage: Error in refreshing through ifram token: ", err) + if (isAuthenticated) { + auth0.getTokenSilently().then(function (token) { + logger("inside auth0 block getTokenSilently", token); + storeToken(); + informIt(success, e); + }).catch(function (err) { + logger("receiveMessage: Error in refreshing through ifram token: ", err) + informIt(failed, e); + }); + } else { informIt(failed, e); - }); + } }).catch(function (err) { logger("receiveMessage: Error occured in checkng authentication", err); informIt(failed, e); From 503fb465ba65243a9b7ff9933275d1abd6bfa9a8 Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Wed, 11 Nov 2020 10:40:32 +0530 Subject: [PATCH 5/8] correcting storing logic for refresh token through iframe --- src/connector-wrapper.js | 23 +++++++------ web-assets/js/setupAuth0WithRedirect.js | 44 ++++++++++++++++++++++--- 2 files changed, 50 insertions(+), 17 deletions(-) diff --git a/src/connector-wrapper.js b/src/connector-wrapper.js index a042fc3..6622a04 100644 --- a/src/connector-wrapper.js +++ b/src/connector-wrapper.js @@ -1,5 +1,5 @@ -const {createFrame} = require('./iframe') -const {getToken, isTokenExpired} = require ('./token') +const { createFrame } = require('./iframe') +const { getToken, isTokenExpired } = require('./token') let iframe = null let loading = null @@ -7,7 +7,7 @@ let url = '' let mock = false let token = '' -export function configureConnector({connectorUrl, frameId, mockMode, mockToken}) { +export function configureConnector({ connectorUrl, frameId, mockMode, mockToken }) { if (mockMode) { mock = true token = mockToken 
@@ -15,10 +15,10 @@ export function configureConnector({connectorUrl, frameId, mockMode, mockToken}) console.warn('tc-accounts connector can only be configured once, this request has been ignored.') } else { iframe = createFrame(frameId, connectorUrl) - url = connectorUrl - - loading = new Promise( (resolve) => { - iframe.onload = function() { + url = connectorUrl + + loading = new Promise((resolve) => { + iframe.onload = function () { loading = null resolve() } @@ -26,7 +26,7 @@ export function configureConnector({connectorUrl, frameId, mockMode, mockToken}) } } -const proxyCall = function() { +const proxyCall = function () { if (mock) { throw new Error('connector is running in mock mode. This method (proxyCall) should not be invoked.') } @@ -37,6 +37,7 @@ const proxyCall = function() { function request() { const token = getToken('v3jwt') + // 65 is offset in seconds, before expiry if (token && !isTokenExpired(token, 65)) { return new Promise((resolve, reject) => { token ? resolve({ token: token }) : reject("v3jwt cookie not found") @@ -44,14 +45,12 @@ const proxyCall = function() { } else { return new Promise((resolve, reject) => { function receiveMessage(e) { - console.log("Received at auth-lib:", e) const safeFormat = e.data.type === "SUCCESS" || e.data.type === "FAILURE" if (safeFormat) { window.removeEventListener('message', receiveMessage) if (e.data.type === "SUCCESS") { token ? resolve({ token: token }) : reject("v3jwt cookie not found") - } - if (e.data.type === "FAILURE") { + } else { reject("unable to get refesh token") } } @@ -83,7 +82,7 @@ export function getFreshToken() { } return proxyCall() - .then( data => data.token ) + .then(data => data.token) } diff --git a/web-assets/js/setupAuth0WithRedirect.js b/web-assets/js/setupAuth0WithRedirect.js index 73fe3bc..555e322 100644 --- a/web-assets/js/setupAuth0WithRedirect.js +++ b/web-assets/js/setupAuth0WithRedirect.js 
@@ -425,16 +425,13 @@ const authSetup = function () { if (token && !isTokenExpired(token, 65)) { informIt(success, e); } else if (auth0) { - logger("inside auth0 block", "ok"); auth0.isAuthenticated().then(function (isAuthenticated) { - logger("inside auth0 block isAuthenticated", isAuthenticated); if (isAuthenticated) { auth0.getTokenSilently().then(function (token) { - logger("inside auth0 block getTokenSilently", token); - storeToken(); + storeRefreshedToken(); informIt(success, e); }).catch(function (err) { - logger("receiveMessage: Error in refreshing through ifram token: ", err) + logger("receiveMessage: Error in refreshing token through iframe:", err) informIt(failed, e); }); } else { @@ -452,10 +449,47 @@ const authSetup = function () { } } + /** + * post message to iframe + * @param data payload + * @param e event object + */ function informIt(data, e) { e.source.postMessage(data, e.origin); } + function storeRefreshedToken() { + auth0.getIdTokenClaims().then(function (claims) { + idToken = claims.__raw; + let userActive = false; + Object.keys(claims).findIndex(function (key) { + if (key.includes('active')) { + userActive = claims[key]; + return true; + } + return false; + }); + if (userActive) { + let tcsso = ''; + Object.keys(claims).findIndex(function (key) { + if (key.includes(tcSSOCookie)) { + tcsso = claims[key]; + return true; + } + return false; + }); + logger('Storing refreshed token...', true); + setCookie(tcJWTCookie, idToken, cookieExpireIn); + setCookie(v3JWTCookie, idToken, cookieExpireIn); + setCookie(tcSSOCookie, tcsso, cookieExpireIn); + } else { + logger("Refeshed token - user active ? ", userActive); + } + }).catch(function (e) { + logger("Refeshed token - error in fetching token from auth0: ", e); + }); + }; + function changeWindowMessage() { if ((!returnAppUrl && !appUrl) || ((returnAppUrl == 'undefined') && (appUrl == 'undefined'))) { From e35018250ca83906e3aee4967c672ab9fa9e5666 Mon Sep 17 00:00:00 2001 
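Review bot: In the `@@ -452,10 +449,47 @@` hunk, `storeRefreshedToken` selects the active flag and the SSO value by substring match on claim names (`key.includes('active')`, `key.includes(tcSSOCookie)`), so the result depends on claim order and on no other claim name containing those strings. Looking the claims up by their full names, e.g. `claims[ACTIVE_CLAIM_NAME]` with `ACTIVE_CLAIM_NAME` a placeholder for the project's namespaced claim, makes the check exact. The function also returns before `getIdTokenClaims()` settles, so the caller in the previous hunk posts `SUCCESS` before the cookies are written, and an inactive user or a failed claims call is never reported. Returning the promise and sending the reply from its `then`/`catch` closes that gap.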
From: Sachin Maheshwari Date: Wed, 11 Nov 2020 14:02:02 +0530 Subject: [PATCH 6/8] correcting logic for reload page --- web-assets/js/setupAuth0WithRedirect.js | 148 +++++++++++++----------- 1 file changed, 81 insertions(+), 67 deletions(-) diff --git a/web-assets/js/setupAuth0WithRedirect.js b/web-assets/js/setupAuth0WithRedirect.js index 555e322..69005f5 100644 --- a/web-assets/js/setupAuth0WithRedirect.js +++ b/web-assets/js/setupAuth0WithRedirect.js 
@@ -414,82 +414,96 @@ const authSetup = function () { */ function receiveMessage(e) { logger("received Event:", e); - const failed = { - type: "FAILURE" - }; - const success = { - type: "SUCCESS" - }; if (e.data.type === "REFRESH_TOKEN") { const token = getCookie(v3JWTCookie); - if (token && !isTokenExpired(token, 65)) { - informIt(success, e); - } else if (auth0) { - auth0.isAuthenticated().then(function (isAuthenticated) { - if (isAuthenticated) { - auth0.getTokenSilently().then(function (token) { - storeRefreshedToken(); - informIt(success, e); + const failed = { + type: "FAILURE" + }; + const success = { + type: "SUCCESS" + }; + + const informIt = function (payload) { + e.source.postMessage(payload, e.origin); + } + try { + const storeRefreshedToken = function (aObj) { + aObj.getIdTokenClaims().then(function (claims) { + idToken = claims.__raw; + let userActive = false; + Object.keys(claims).findIndex(function (key) { + if (key.includes('active')) { + userActive = claims[key]; + return true; + } + return false; + }); + if (userActive) { + let tcsso = ''; + Object.keys(claims).findIndex(function (key) { + if (key.includes(tcSSOCookie)) { + tcsso = claims[key]; + return true; + } + return false; + }); + logger('Storing refreshed token...', true); + setCookie(tcJWTCookie, idToken, cookieExpireIn); + setCookie(v3JWTCookie, idToken, cookieExpireIn); + setCookie(tcSSOCookie, tcsso, cookieExpireIn); + informIt(success); + } else { + logger("Refeshed token - user active ? ", userActive); + informIt(failed); + } + }).catch(function (err) { + logger("Refeshed token - error in fetching token from auth0: ", err); + informIt(failed); + }); + }; + + // main execution start here + if (token && !isTokenExpired(token)) { + informIt(success); + } else { + createAuth0Client({ + domain: domain, + client_id: clientId, + cacheLocation: useLocalStorage + ? 
'localstorage' + : 'memory', + useRefreshTokens: useRefreshTokens + }).then(function (aObj) { + aObj.isAuthenticated().then(function (isAuthenticated) { + if (isAuthenticated) { + aObj.getTokenSilently().then(function (token) { + storeRefreshedToken(aObj); + }).catch(function (err) { + logger("receiveMessage: Error in refreshing token through iframe:", err) + informIt(failed); + }); + } else { + logger("authenticated ?", isAuthenticated); + informIt(failed); + } }).catch(function (err) { - logger("receiveMessage: Error in refreshing token through iframe:", err) - informIt(failed, e); + logger("receiveMessage: Error occured in checkng authentication", err); + informIt(failed); }); - } else { - informIt(failed, e); - } - }).catch(function (err) { - logger("receiveMessage: Error occured in checkng authentication", err); - informIt(failed, e); - }); - } else { - informIt(failed, e); + }).catch(function (err) { + logger("receiveMessage: Error occured in initializing auth0", err); + informIt(failed); + }); + } + } catch (e) { + logger("error occured in iframe handler:", e.message); + informIt(failed); } } else { - informIt(failed, e); + // do nothing } } - /** - * post message to iframe - * @param data payload - * @param e event object - */ - function informIt(data, e) { - e.source.postMessage(data, e.origin); - } - - function storeRefreshedToken() { - auth0.getIdTokenClaims().then(function (claims) { - idToken = claims.__raw; - let userActive = false; - Object.keys(claims).findIndex(function (key) { - if (key.includes('active')) { - userActive = claims[key]; - return true; - } - return false; - }); - if (userActive) { - let tcsso = ''; - Object.keys(claims).findIndex(function (key) { - if (key.includes(tcSSOCookie)) { - tcsso = claims[key]; - return true; - } - return false; - }); - logger('Storing refreshed token...', true); - setCookie(tcJWTCookie, idToken, cookieExpireIn); - setCookie(v3JWTCookie, idToken, cookieExpireIn); - setCookie(tcSSOCookie, tcsso, 
cookieExpireIn); - } else { - logger("Refeshed token - user active ? ", userActive); - } - }).catch(function (e) { - logger("Refeshed token - error in fetching token from auth0: ", e); - }); - }; - function changeWindowMessage() { if ((!returnAppUrl && !appUrl) || ((returnAppUrl == 'undefined') && (appUrl == 'undefined'))) { From a9921691334a58e06d49653d18e6ce7a57f9e395 Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Wed, 11 Nov 2020 14:08:55 +0530 Subject: [PATCH 7/8] typo --- web-assets/js/setupAuth0WithRedirect.js | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/web-assets/js/setupAuth0WithRedirect.js b/web-assets/js/setupAuth0WithRedirect.js index 69005f5..ef0246a 100644 --- a/web-assets/js/setupAuth0WithRedirect.js +++ b/web-assets/js/setupAuth0WithRedirect.js @@ -414,6 +414,12 @@ const authSetup = function () { */ function receiveMessage(e) { logger("received Event:", e); + if (e.data && e.data.type && e.origin) { + if (e.data.type === IframeLogoutRequestType) { + host = e.origin; + logout(); + } + } if (e.data.type === "REFRESH_TOKEN") { const token = getCookie(v3JWTCookie); const failed = { From 5983e2aed14e1968cecc373843b49c1991a24ed1 Mon Sep 17 00:00:00 2001 From: Sachin Maheshwari Date: Fri, 20 Nov 2020 12:27:48 +0530 Subject: [PATCH 8/8] refresh iframe --- web-assets/js/setupAuth0WithRedirect.js | 50 +++++++++++-------------- 1 file changed, 21 insertions(+), 29 deletions(-) diff --git a/web-assets/js/setupAuth0WithRedirect.js b/web-assets/js/setupAuth0WithRedirect.js index ef0246a..6606fdd 100644 --- a/web-assets/js/setupAuth0WithRedirect.js +++ b/web-assets/js/setupAuth0WithRedirect.js @@ -69,7 +69,10 @@ const authSetup = function () { ? 'localstorage' : 'memory', useRefreshTokens: useRefreshTokens - }).then(_init); + }).then(_init).catch(function (e) { + logger("Error occurred in initializing auth0 object: ", e); + window.location.reload(); + }); window.addEventListener("message", receiveMessage, false); }; 
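Review bot: The fast path in the 6/8 hunk now calls `isTokenExpired(token)` without the 65-second offset that patch 3/8 applied on both sides, while `request()` in src/connector-wrapper.js still uses `isTokenExpired(token, 65)`. If the helper's default offset is smaller than 65 (the helper is not shown), the iframe answers `SUCCESS` for a token the parent has just judged too close to expiry, and no refresh happens during that window. Keeping `!isTokenExpired(token, 65)` here, or sharing one named constant between the two files, keeps the checks aligned. This hunk also drops the `IframeLogoutRequestType` branch, which patch 7/8 restores.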
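Review bot: In the 7/8 hunk the restored logout branch is guarded by `e.data && e.data.type && e.origin`, but the `REFRESH_TOKEN` test directly after it reads `e.data.type` unguarded, so a message whose data is `null` or `undefined` throws inside the listener. Moving the refresh test inside the guard as `else if (e.data.type === "REFRESH_TOKEN")` removes that path. The logout branch copies `e.origin` into `host` and calls `logout()` for any sender; if `host` feeds the post-logout redirect (not visible here), it should be checked against the allowed application origins first. `receiveMessage` continues outside the hunk.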
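Review bot: The `.catch` added in the 8/8 hunk at `@@ -69,7 +69,10 @@` reloads the page on every failure, and because it is chained after `.then(_init)` it also catches exceptions thrown by `_init`, so a persistent error (bad configuration, blocked network, a bug in `_init`) becomes an endless reload loop. Bound the retry and fall back to the existing error display once the limit is reached, as sketched below; the counter key, the limit and the message text are constructed for illustration. If storage is unavailable in the embedded context the counter needs another home, and it should be cleared after a successful init. The enclosing function starts outside the hunk.

```javascript
}).then(_init).catch(function (e) {
    logger("Error occurred in initializing auth0 object: ", e);
    // constructed key name and limit: adjust to project conventions
    const retries = Number(sessionStorage.getItem("auth0InitRetries") || 0);
    if (retries < 3) {
        sessionStorage.setItem("auth0InitRetries", String(retries + 1));
        window.location.reload();
    } else {
        showLoginError("Unable to initialise login", appUrl);
    }
});
```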
@@ -218,7 +221,7 @@ const authSetup = function () { } const isLoggedIn = function () { - var token = getCookie(tcJWTCookie); + var token = getCookie(v3JWTCookie); return token ? !isTokenExpired(token) : false; }; @@ -468,38 +471,27 @@ const authSetup = function () { }); }; + const getToken = function (aObj) { + aObj.getTokenSilently({ timeoutInSeconds: 60 }).then(function (token) { + storeRefreshedToken(aObj); + }).catch(function (err) { + logger("receiveMessage: Error in refreshing token through iframe:", err) + informIt(failed); + }); + + }; + // main execution start here if (token && !isTokenExpired(token)) { informIt(success); + } else if (!token) { + informIt(failed); } else { - createAuth0Client({ - domain: domain, - client_id: clientId, - cacheLocation: useLocalStorage - ? 'localstorage' - : 'memory', - useRefreshTokens: useRefreshTokens - }).then(function (aObj) { - aObj.isAuthenticated().then(function (isAuthenticated) { - if (isAuthenticated) { - aObj.getTokenSilently().then(function (token) { - storeRefreshedToken(aObj); - }).catch(function (err) { - logger("receiveMessage: Error in refreshing token through iframe:", err) - informIt(failed); - }); - } else { - logger("authenticated ?", isAuthenticated); - informIt(failed); - } - }).catch(function (err) { - logger("receiveMessage: Error occured in checkng authentication", err); - informIt(failed); - }); - }).catch(function (err) { - logger("receiveMessage: Error occured in initializing auth0", err); + if (auth0) { + getToken(auth0); + } else { informIt(failed); - }); + } } } catch (e) { logger("error occured in iframe handler:", e.message);
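Review bot: In the `@@ -468,38 +471,27 @@` hunk, the new `else if (!token)` branch reports `FAILURE` without attempting a silent refresh when the cookie is absent, and nothing in the code says whether that is intended. A one-line comment such as `// no v3jwt cookie: treat as logged out, never refresh silently` above the branch would record the decision. The local helper `getToken` ignores the value passed to its `then` callback, so `function (token)` can become `function ()`, and a comment on `timeoutInSeconds: 60` should state that the parent's `request()` waits without a timeout of its own. The `try` block starts outside the hunk.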